Obstacle detection for a mining vehicle using a 2D laser

This paper discusses a number of key issues for the development of robust obstacle detection systems for autonomous mining vehicles. Strategies for obstacle detection are described and an overview of the state-of-the-art in obstacle detection for outdoor autonomous vehicles using lasers is presented, with their applicability to the mining environment noted. The development of an obstacle detection system for a mining vehicle is then detailed. This system uses a 2D laser scanner as the prime sensor and combines dead-reckoning data with laser data to create local terrain maps. The slope of the terrain maps is then used to detect potential obstacles.

Issues in obstacle detection for autonomous mining and construction vehicles

This paper discusses a Dumber of key issues for the development of robust, obstacle detection systems for autonomous mining and construction vehicles. A taxonomy of obstacle detection systems is described; An overview of the state-of- the-art in obstacle detection for outdoor autonomous vehicles is presented with their applicability to the mining and construction environments noted. The issue of so-called fail-safe obstacle detection is then discussed. Finally, we describe the development of an obstacle detection system for a mining vehicle.

Abstracting and correlating heterogeneous events to detect complex scenarios

The research presented in this thesis addresses inherent problems in signaturebased intrusion detection systems (IDSs) operating in heterogeneous environments. The research proposes a solution to address the difficulties associated with multistep attack scenario specification and detection for such environments. The research has focused on two distinct problems: the representation of events derived from heterogeneous sources and multi-step attack specification and detection. The first part of the research investigates the application of an event abstraction model to event logs collected from a heterogeneous environment. The event abstraction model comprises a hierarchy of events derived from different log sources such as system audit data, application logs, captured network traffic, and intrusion detection system alerts. Unlike existing event abstraction models where low-level information may be discarded during the abstraction process, the event abstraction model presented in this work preserves all low-level information as well as providing high-level information in the form of abstract events. The event abstraction model presented in this work was designed independently of any particular IDS and thus may be used by any IDS, intrusion forensic tools, or monitoring tools. The second part of the research investigates the use of unification for multi-step attack scenario specification and detection. Multi-step attack scenarios are hard to specify and detect as they often involve the correlation of events from multiple sources which may be affected by time uncertainty. The unification algorithm provides a simple and straightforward scenario matching mechanism by using variable instantiation where variables represent events as defined in the event abstraction model. The third part of the research looks into the solution to address time uncertainty. Clock synchronisation is crucial for detecting multi-step attack scenarios which involve logs from multiple hosts. Issues involving time uncertainty have been largely neglected by intrusion detection research. The system presented in this research introduces two techniques for addressing time uncertainty issues: clock skew compensation and clock drift modelling using linear regression. An off-line IDS prototype for detecting multi-step attacks has been implemented. The prototype comprises two modules: implementation of the abstract event system architecture (AESA) and of the scenario detection module. The scenario detection module implements our signature language developed based on the Python programming language syntax and the unification-based scenario detection engine. The prototype has been evaluated using a publicly available dataset of real attack traffic and event logs and a synthetic dataset. The distinct features of the public dataset are the fact that it contains multi-step attacks which involve multiple hosts with clock skew and clock drift. These features allow us to demonstrate the application and the advantages of the contributions of this research. All instances of multi-step attacks in the dataset have been correctly identified even though there exists a significant clock skew and drift in the dataset. Future work identified by this research would be to develop a refined unification algorithm suitable for processing streams of events to enable an on-line detection. In terms of time uncertainty, identified future work would be to develop mechanisms which allows automatic clock skew and clock drift identification and correction. The immediate application of the research presented in this thesis is the framework of an off-line IDS which processes events from heterogeneous sources using abstraction and which can detect multi-step attack scenarios which may involve time uncertainty.

Detecting and characterising malicious executable payloads

Buffer overflow vulnerabilities continue to prevail and the sophistication of attacks targeting these vulnerabilities is continuously increasing. As a successful attack of this type has the potential to completely compromise the integrity of the targeted host, early detection is vital. This thesis examines generic approaches for detecting executable payload attacks, without prior knowledge of the implementation of the attack, in such a way that new and previously unseen attacks are detectable. Executable payloads are analysed in detail for attacks targeting the Linux and Windows operating systems executing on an Intel IA-32 architecture. The execution flow of attack payloads are analysed and a generic model of execution is examined. A novel classification scheme for executable attack payloads is presented which allows for characterisation of executable payloads and facilitates vulnerability and threat assessments, and intrusion detection capability assessments for intrusion detection systems. An intrusion detection capability assessment may be utilised to determine whether or not a deployed system is able to detect a specific attack and to identify requirements for intrusion detection functionality for the development of new detection methods. Two novel detection methods are presented capable of detecting new and previously unseen executable attack payloads. The detection methods are capable of identifying and enumerating the executable payload’s interactions with the operating system on the targeted host at the time of compromise. The detection methods are further validated using real world data including executable payload attacks.

Bayesian methodology incorporating expert judgment for ranking countermeasure effectiveness under uncertainty: Example applied to at grade railroad crossings in Korea

This paper describes the formalization and application of a methodology to evaluate the safety benefit of countermeasures in the face of uncertainty. To illustrate the methodology, 18 countermeasures for improving safety of at grade railroad crossings (AGRXs) in the Republic of Korea are considered. Akin to “stated preference” methods in travel survey research, the methodology applies random selection and laws of large numbers to derive accident modification factor (AMF) densities from expert opinions. In a full Bayesian analysis framework, the collective opinions in the form of AMF densities (data likelihood) are combined with prior knowledge (AMF density priors) for the 18 countermeasures to obtain ‘best’ estimates of AMFs (AMF posterior credible intervals). The countermeasures are then compared and recommended based on the largest safety returns with minimum risk (uncertainty). To the author's knowledge the complete methodology is new and has not previously been applied or reported in the literature. The results demonstrate that the methodology is able to discern anticipated safety benefit differences across candidate countermeasures. For the 18 at grade railroad crossings considered in this analysis, it was found that the top three performing countermeasures for reducing crashes are in-vehicle warning systems, obstacle detection systems, and constant warning time systems.

Low cost railway level crossings

The Cooperative Research Centre (CRC) for Rail Innovation is conducting a tranche of industry-led research projects looking into safer rail level crossings. This paper will provide an overview of the Affordable Level Crossings project, a project that is performing research in both engineering and human factors aspects of low-cost level crossing warning devices (LCLCWDs), and is facilitating a comparative trial of these devices over a period of 12 months in several jurisdictions. Low-cost level crossing warning devices (LCLCWDs) are characterised by the use of alternative technologies for high cost components including train detection and connectivity (e.g. radar, acoustic, magnetic induction train detection systems and wireless connectivity replacing traditional track circuits and wiring). These devices often make use of solar power where mains power is not available, and aim to make substantial savings in lifecycle costs. The project involves trialling low-cost level crossing warning devices in shadow-mode, where devices are installed without the road-user interface at a number of existing level crossing sites that are already equipped with conventional active warning systems. It may be possible that the deployment of lower-cost devices can provide a significantly larger safety benefit over the network than a deployment of expensive conventional devices, as the lower cost would allow more passive level crossing sites to be upgraded with the same capital investment. The project will investigate reliability and safety integrity issues of the low-cost devices, as well as evaluate lifecycle costs and investigate human factors issues related to warning reliability. This paper will focus on the requirements and safety issues of LCLCWDs, and will provide an overview of the Rail CRC projects.

Fragmentation pathways of 2,3-dimethyl-2,3-dinitrobutane cations in the gas phase

2,3-Dimethyl-2,3-dinitrobutane (DMNB) is an explosive taggant added to plastic explosives during manufacture making them more susceptible to vapour-phase detection systems. In this study, the formation and detection of gas-phase \[M+H](+), \[M+Li](+), \[M+NH(4)](+) and \[M+Na](+) adducts of DMNB was achieved using electrospray ionisation on a triple quadrupole mass spectrometer. The \[M+H](+) ion abundance was found to have a strong dependence on ion source temperature, decreasing markedly at source temperatures above 50 degrees C. In contrast, the \[M+Na](+) ion demonstrated increasing ion abundance at source temperatures up to 105 degrees C. The relative susceptibility of DMNB adduct ions toward dissociation was investigated by collision-induced dissociation. Probable structures of product ions and mechanisms for unimolecular dissociation have been inferred based on fragmentation patterns from tandem mass (MS/MS) spectra of source-formed ions of normal and isotopically labelled DMNB, and quantum chemical calculations. Both thermal and collisional activation studies suggest that the \[M+Na](+) adduct ions are significantly more stable toward dissociation than their protonated analogues and, as a consequence, the former provide attractive targets for detection by contemporary rapid screening methods such as desorption electrospray ionisation mass spectrometry. Copyright (C) 2009 Commonwealth of Australia. Published by John Wiley & Sons, Ltd.

Radiographer commenting of trauma radiographs : a survey of the benefits, barriers and enablers to participation in an Australian healthcare setting

Introduction Radiographer abnormality detection systems that highlight abnormalities on trauma radiographs (‘red dot’ system) have been operating for more than 30 years. Recently, a number of pitfalls have been identified. These limitations initiated the evolution of a radiographer commenting system, whereby a radiographer provides a brief description of abnormalities identified in emergency healthcare settings. This study investigated radiographers' participation in abnormality detection systems, their perceptions of benefits, barriers and enablers to radiographer commenting, and perceptions of potential radiographer image interpretation services for emergency settings. Methods A cross-sectional survey was implemented. Participants included radiographers from four metropolitan hospitals in Queensland, Australia. Conventional descriptive statistics, histograms and thematic analysis were undertaken. Results Seventy-three surveys were completed and included in the analysis (68% response rate); 30 (41%) of respondents reported participating in abnormality detection in 20% or less of examinations, and 26(36%) reported participating in 80% or more of examinations. Five overarching perceived benefits of radiographer commenting were identified: assisting multidisciplinary teams, patient care, radiographer ability, professional benefits and quality of imaging. Frequently reported perceived barriers included ‘difficulty accessing image interpretation education’, ‘lack of time’ and ‘low confidence in interpreting radiographs’. Perceived enablers included ‘access to image interpretation education’ and ‘support from radiologist colleagues’. Conclusions A range of factors are likely to contribute to the successful implementation of radiographer commenting in addition to abnormality detection in emergency settings. Effective image interpretation education amenable to completion by radiographers would likely prove valuable in preparing radiographers for participation in abnormality detection and commenting systems in emergency settings.

Research outcomes for improved management of insulated rail joints

Insulated Rail Joints (IRJs) are safety critical component of the automatic block signalling and broken rail detection systems. IRJs exhibit several failure modes due to complex interaction between the railhead ends and the wheel tread near the gap. These localised zones could not be monitored using automatic sensing devices and hence are resorted to visual inspection only, which is error prone and expensive. In Australia alone currently there are 50,000 IRJs across 80,000 km of rail track. The significance of the problem around the world could thus be realised as there exists one IRJ for each 1.6 km track length. IRJs exhibit extremely low and variable service life; further the track substructure underneath IRJs degrade faster. Thus presence of the IRJs incur significant costs to track maintenance. IRJ failures have also contributed to some train derailments and various traffic disruptions in rail lines. This paper reports a systematic research carried out over seven years on the mechanical behaviour of IRJs for practically relevant outcomes. The research has scientifically established that stiffening the track bed for reduction in impact force is an ill-conceived concept and the most effective method is to reduce the gap size. Further it is established that hardening the railhead ends through laser coating (or other) cannot adequately address the metal flow problem in the long run; modification of the railhead profile is the only appropriate technique to completely eliminate the problem. Part of these outcomes has been adopted by the rail infrastructure owners in Australia.

Transaction mining for fraud detection in ERP Systems

Despite all attempts to prevent fraud, it continues to be a major threat to industry and government. Traditionally, organizations have focused on fraud prevention rather than detection, to combat fraud. In this paper we present a role mining inspired approach to represent user behaviour in Enterprise Resource Planning (ERP) systems, primarily aimed at detecting opportunities to commit fraud or potentially suspicious activities. We have adapted an approach which uses set theory to create transaction profiles based on analysis of user activity records. Based on these transaction profiles, we propose a set of (1) anomaly types to detect potentially suspicious user behaviour, and (2) scenarios to identify inadequate segregation of duties in an ERP environment. In addition, we present two algorithms to construct a directed acyclic graph to represent relationships between transaction profiles. Experiments were conducted using a real dataset obtained from a teaching environment and a demonstration dataset, both using SAP R/3, presently the predominant ERP system. The results of this empirical research demonstrate the effectiveness of the proposed approach.

Fraud detection in ERP systems using scenario matching

ERP systems generally implement controls to prevent certain common kinds of fraud. In addition however, there is an imperative need for detection of more sophisticated patterns of fraudulent activity as evidenced by the legal requirement for company audits and the common incidence of fraud. This paper describes the design and implementation of a framework for detecting patterns of fraudulent activity in ERP systems. We include the description of six fraud scenarios and the process of specifying and detecting the occurrence of those scenarios in ERP user log data using the prototype software which we have developed. The test results for detecting these scenarios in log data have been verified and confirm the success of our approach which can be generalized to ERP systems in general.